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REMARKS 

Claims 1-3, 5-15, and 17-21 are pending in the application. Reconsideration of 
the application is respectfully requested based on the following remarks. 

L REJECTION OF CLAIMS 1-3. 5-15. AND 17-21 UNDER 35 U.S.C. § 103(a) 

Claims 1-21 were rejected under 35 U.S.C. § 103(a) as being unpatentable over 
Buer (US Pub no 20040128553) in view of WO 01/05086 A2 (Krishna) and further in 
view of US Pub No 20020129271 A1 (Stanaway). 

i. The combination of Buer, Krishna, and Stanaway does not teach or 
suggest a security system comprising an output control system 
operable to receive at least a part of a decrypted payload of a 
subsequent packet before a status word of a preceding packet, as 
recited in claim 1. 

Claim 1 is directed to a network interface system for interfacing a host system 
with a network to provide outgoing data from the host system to the network and to 
provide incoming data from the network to the host system. The network interface 
system comprises a security system operable to receive at least a part of a decrypted 
payload of a subsequent patent before a status word of a preceding packet. 

The Office Action concedes that the combination of Buer and Krishna do not 
explicitly teach wherein the output control system is operable to receive at least a part 
of a preceding packet and the core module of the security system is operable to 
simultaneously decrypt and authenticate a packet payload. Further, the Office Action 
states that Stanaway teaches the output control system is operable to receive at least a 
part of a decrypted payload of a subsequent packet before a status word of a preceding 
packet by referencing paragraphs 0019, and 0028. Applicants respectfully disagree. 

Nowhere does Stanaway teach or suggest an output control system, wherein a 
part of a decrypted payload of a subsequent packet is received thereat before a status 
word of a preceding packet, as recited in claim 1. Stanaway does not teach or suggest 
anything about status words of a packet. As highlighted in applicants' specification, and 
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as is well known to those of ordinary skill in the art, a status word is different than 
payload data, resides at the end of a packet, and includes trailers received from the 
network and information that the network interface system inserts at the end of the 
packet (see, e.g., page 8, line 27 - page 9 line 2). Moreover, Stanaway teaches in 
paragraph 0019 that "[a]s data packets are received in the same session the data 
engine accesses the Security Association (SA) bound to the assigned user IP address 
and properly decrypts the packet payload." While Stanaway states that subsequent 
packets are received, such packets are received while the preceding packet is being 
decrypted, and no discussion of out-of-order processing or data handling is disclosed. 
Consequently the teaching of Stanaway differs from receiving a part of a decrypted 
payload of a subsequent packet before the status word of a preceding packet as 
claimed. Because Stanaway does not remedy the deficiency of Buer in combination 
with Krishna, claim 1 is non-obvious over the cited combination of art, and withdrawal of 
the rejection is therefore respectfully requested. 

Claim 1 is not obvious by the cited references because the session discussed in 
Stanaway is a user-VPN session that occurs after accessing a virtual private network 
wherein processing of the packets flows in sequential order with no mention of a 
part of a decrypted payload being received before the status words of a 
preceding packet. In paragraph 0028, Stanaway explains that, 'Talfter the session is 
authenticated and the memory is written, data packets are received at the data 
engine." This explicitly teaches a sequential data flow processed in the order of 
packets received which is different from a decrypted payload of a subsequent packet 
being received before the status word of a preceding packet, as recited in claim 1 . 
Withdrawal of the rejection is respectfully requested. 
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ii. The combination of Buer, Krishna, and Stanaway does not teach or 
suggest a core module of a security system operable to 
simultaneously decrypt and authenticate a packet payload. 

Claim 1 is directed to a network interface system for interfacing a host system 
with a network to provide outgoing data from the host system to the network and to 
provide incoming data from the network to the host system. The network interface 
system comprises a core module of a security system operable to simultaneously 
decrypt and authenticate a packet payload for out-of-order writing of packet data to 
the output control system and the output control system assembles the out-of-order 
data in correct order within the second memory. 

The Office Action concedes that Buer and Krishna do not explicitly teach that the 
core module of the security system is operable to simultaneously decrypt and 
authenticate a packet payload, but argues that Stanaway does teach these elements 
referring to paragraphs 0006, 0019, and 0028. Applicants respectfully disagree with 
this interpretation of Stanaway. 

In addition to the above reasons, Stanaway in combination with Buer and 
Krishna fails to teach or suggest that a security system is operable to simultaneously 
decrypt and authenticate a packet payload. Stanaway teaches a user-VPN session 
that occurs after accessing a virtual private network wherein processing of the packets 
flows in sequential order. In paragraph 0028, Stanaway explains that, 'Talfter the 
session is authenticated and the memory is written, data packets are received at the 
data engine." This explicitly teaches a sequential data flow processed in the order of 
packets received without any teaching or suggestion that the security system is 
operable to simultaneously decrypt and authenticate a packet payload. Because no 
teaching or suggestion in the cited references is provided that indicates or implies that 
such actions are performed simultaneously, claim 1 is nonobvious for at least this 
additional reason. Accordingly, withdrawal of the rejection is respectfully requested. 
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Hi. The combination of Buer, Krishna, and Stanaway does not teach or 
suggest a core module operable to decrypt completely the 
subsequent packet prior to authenticating the current packet, as 
recited in claim 13. 

The Office Action concedes that the combination of Buer and Krishna do not 
explicitly teach a core module operable to decrypt completely the subsequent packet 
prior to authenticating the current packet. However, Stanaway fails to remedy the 
deficiency. 

In paragraph 0028, Stanaway explains that, 'Talfter the session is 
authenticated and the memory is written, data packets are received at the data 
engine." This is in contrast to claim 13. No where does Stanaway teach or suggest 
that a core module is operable to decrypt completely the subsequent packet prior to 
authenticating the current packet. Withdrawal of the rejection is respectfully 
requested. 

IL CONCLUSION 

For at least the above reasons, the claims currently under consideration are 
believed to be in condition for allowance. 

Should the Examiner feel that a telephone interview would be helpful to facilitate 
favorable prosecution of the above-identified application, the Examiner is invited to 
contact the undersigned at the telephone number provided below. 
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Should any fees be due as a result of the filing of this response, the 
Commissioner is hereby authorized to charge the Deposit Account Number 50-1733, 
AMDP761US. 

Respectfully submitted, 
ESCHWEILER & ASSOCIATES, LLC 



/Thomas G. Eschweiler/ 
Thomas G. Eschweiler 
Reg. No. 36,981 



National City Bank Building 
629 Euclid Avenue, Suite 1000 
Cleveland, Ohio 44114 
(216) 502-0600 



